Litigation Developments and Mega Settlements
Dole Food, Inc. Derivative Action – Delaware Chancery Court Finds D&Os Engaged in Fraud
Dole Food, Inc. shareholders sued Dole Chairman and CEO David
Murdock and Dole President Michael Carter in connection with
Murdock's buy-out (or "freeze out") of the company
for $13.50 per share. Plaintiffs filed suit in Delaware Chancery
Court alleging that defendants intentionally drove down the price
of Dole's stock and misled the board committee, which comprised
independent directors, regarding Dole's financial outlook so
that Murdock could acquire the company for less money.
On August 27, 2015, the Delaware Chancery Court (Vice Chancellor
Laster) issued a scathing decision in the case following a nine-day
trial finding that Murdock and Carter engaged in "fraud"
to gain approval of the deal at a reduced price, and that their
conduct was "intentional and in bad faith." The court
held that Murdock and Carter breached their duty of loyalty and
were personally liable for $148 million, representing damages of
$2.74 per share.
In re Activision Blizzard – Largest Cash Recovery Ever in
Derivative Action
Plaintiffs challenged a transaction in which Vivendi divested its
controlling equity position in Activision Blizzard, Inc.
(Activision). The transaction restructured Activision's
governance profile and stockholder base. Shortly before trial the
parties entered into a settlement whereby defendants agreed to pay
$275 million to Activision. The Delaware Chancery Court (Vice
Chancellor Laster) approved the settlement. The court observed that
the "monetary consideration of $275 million is the largest
cash recovery ever achieved on stockholder derivative claims."
The settlement represented the 10 percent spread between
Activision's stock price on the open market and sale price in
the transaction. The court also awarded plaintiff's counsel
$72.5 million pursuant to the common fund doctrine "founded on
the equitable principle that those who have profited from
litigation should share its costs."
Duke Energy – M&A Dispute in the Guise of a Section
11 Claim
A securities class action was filed against Duke Energy and its
directors and officers in connection with its $26 billion merger
with Progress Energy. When the merger was proposed, it was
announced that the head of Progress Energy (Bill Johnson) would
become the CEO of the merged entity. However, shortly after the
merger closed, the Board of the combined company voted to make the
CEO of Duke Energy (Jim Rogers) the head of the combined company.
Shareholders filed a securities class action lawsuit alleging that
the merger registration statement and prospectus contained
materially untrue and misleading information regarding
Johnson's anticipated role as CEO of the newly combined entity.
On March 10, 2015, Duke Energy announced that it had reached an
agreement to pay $146.25 million to settle the class action
claims.
Freeport-McMoRan – Settlement Paid as a Special Dividend
to Shareholders
Freeport's shareholders filed a derivative action in Delaware Chancery Court alleging that the company overpaid when it bought two companies, McMoRan Exploration and Plains Exploration & Production, for a combined $9 billion. Plaintiffs alleged that the Freeport Board had conflicts of interest while negotiating the acquisition due to overlapping boards and ownership interests of the three companies involved in the transaction. The parties agreed to settle the lawsuit for a payment of $137.5 million plus corporate governance reforms. The settlement is to be paid out in the form of a "special dividend" to Freeport shareholders, net of attorney's fees and costs.
Developments in Delaware D&O Law
Anti-Fee-Shifting Law
On June 24, 2015, Delaware's Governor signed a bill containing
various amendments to the Delaware General Corporation Law (DGCL),
which became effective August 1, 2015. Under the anti-fee-shifting
provision, Delaware stock corporations are prohibited from adopting
bylaws that force shareholders to pay legal fees if they do not
prevail in lawsuits asserting internal corporate claims against
directors and officers, Del. Code tit. 8 § 102(f). The
legislation creates new Section 115 in the DGCL that defines
"internal corporate claims" as claims (1) that are based
on a violation of a duty by a current or former director or officer
or stockholder in such capacity, or (2) as to which the title
confers jurisdiction upon the Court of Chancery.
Anti-Forum-Shopping Provision
The new amendments to the DGCL also permit Delaware corporations to
designate Delaware, but not any other state, as the exclusive forum
for "internal corporate claims" (see supra). The
law also invalidates any provisions that would prohibit litigation
of intra-corporate claims in Delaware courts.
D&O Advancement Rights
On May 28, 2015, in Blankenship v. Alpha Appalachia Holdings,
Inc., the Delaware Chancery Court issued an opinion clarifying
and strengthening the rights of a former director and officer to
receive "mandatory advancement" of defense costs under a
corporation's charter. The Blankenship case concerned
the right to indemnification and advancement by Donald Blankenship,
the former CEO and chairman of Massey Energy Company
(Massey).
Massey's charter required it to advance costs to the maximum
extent provided by Delaware law. Massey's advancement of
expenses to Blankenship was contingent on him making certain
representations, including a representation that he "had no
reasonable cause to believe that his conduct was ever
unlawful." After a criminal indictment of Blankenship, the
company determined that Blankenship had breached his representation
in the undertaking and ceased advancing the costs of his defense.
Chancellor Bouchard observed that when a Delaware corporation
adopts broad, mandatory advancement rights, it cannot condition its
advancement obligation on anything other than an undertaking to
repay the expenses if it is later determined that indemnification
is not available because an individual has not met the Delaware law
standard of conduct.
Section 102(b)(7) Charter Exculpation Clause
On May 14, 2015, in In re Cornerstone Therapeutics Inc. Stockholder Litigation, the Delaware Supreme Court issued important guidance regarding the pleading requirements to overcome an exculpatory provision, such as those authorized under Section 102(b)(7) of the Delaware General Corporation law. Section 102(b)(7) authorizes stockholders of a Delaware corporation to adopt a charter provision exculpating directors from paying monetary damages that are attributable solely to a violation of the duty of care – as opposed to violations of the duty of loyalty and/or acts of bad faith. If a director is protected by an exculpatory charter provision, in order to survive a motion to dismiss, a plaintiff must plead facts "supporting a rational inference that the director harbored self-interest adverse to the stockholders' interest, acted to advance the self-interest of an interested party from whom the director could not be presumed to act independently, or acted in bad faith."
D&O Cyber Liability
The Home Depot Derivative Action
On September 2, 2015, shareholders of The Home Depot, Inc. (Home
Depot) filed a derivative action in Georgia federal court against
the company's directors and officers for breach of their
fiduciary duties in connection with its 2014 data breach impacting
56 million credit cards. The complaint alleges that defendants
failed to ensure that Home Depot safeguarded its customers'
personal and financial information. Among other things, the suit
claims that Home Depot failed to comply with Payment Card Industry
Data Security Standards (PCI DSS) that apply to all entities that
store, process or transmit payment card data. The complaint also
alleges that certain of the individual defendants, including Home
Depot's chief information officer, were aware that the
company's security systems were outdated based on reports by
employees and independent security consultants. The defendants
allegedly breached their duties by failing to oversee and manage
the risks posed by Home Depot's data security systems and
failing to oversee the inadequate internal controls that failed to
protect customers' personal and financial information.
SEC's Cybersecurity Risk Alert
On September 15, 2015, the SEC's Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert in connection with its Cybersecurity Examination Initiative (Initiative), which is available on the SEC's website. The Initiative is designed to assess cybersecurity preparedness in the securities industry, including Wall Street broker-dealers and investment advisers. While the Initiative focuses on the securities industry, it provides all companies with a road map of action items identified by the SEC that may reduce cyber liability exposure. The OCIE Risk Alert identifies the following areas for examination to gauge firms' cybersecurity preparedness and resilience – including the role of the board of directors in cybersecurity governance, controls and risk assessment.
- Governance and Risk Assessment: OCIE examiners may assess whether registrants have in place cybersecurity governance and risk assessment procedures relative to the key areas of focus noted below. Examiners also may assess whether firms are periodically evaluating cybersecurity risks and whether their controls and risk assessment processes are tailored to their businesses. Examiners also may review the level of communications to senior management and boards of directors and the level of involvement by those entities.
- Access Rights and Controls: As noted by the OCIE, firms may be particularly at risk of a data breach from a failure to implement basic controls to prevent unauthorized access to systems or information, such as multifactor authentication or updating access rights based on personnel or system changes. Examiners may review how firms control access to various systems and data via management of user credentials, authentication and authorization methods. This may include a review of controls associated with remote access, customer logins, passwords, firm protocols to address customer login problems, network segmentation and tiered access.
- Data Loss Prevention: The OCIE indicated that some data breaches may have resulted from the absence of robust controls in the areas of patch management and system configuration. Examiners may assess how firms monitor the volume of content transferred outside of the firm by its employees or through third parties, such as by email attachments or uploads. Examiners also may assess how firms monitor for potentially unauthorized data transfers and may review how firms verify the authenticity of a customer request to transfer funds.
- Vendor Management: The OCIE observed that some of the largest data breaches over the past few years may have resulted from the hacking of third-party vendor platforms. As a result, examiners may focus on firm practices and controls related to vendor management, such as due diligence with regard to vendor selection, monitoring and oversight of vendors, and contract terms. Examiners also may assess how vendor relationships are considered as part of the firm's ongoing risk assessment process as well as how the firm determines the appropriate level of due diligence to conduct on a vendor.
- Training: The OCIE cautioned that without proper training employees and vendors may put a firm's data at risk. Some data breaches result from unintentional employee actions such as a misplaced laptop, accessing a client account through an unsecured Internet connection, or opening messages or downloading attachments from an unknown source. With proper training, employees and vendors can be the firm's first line of defense, for example, by alerting firm IT professional to suspicious activity and understanding and following firm protocols with respect to technology. Examiners may focus on how training is tailored to specific job functions and how training is designed to encourage responsible employee and vendor behavior. Examiners also may review how procedures for responding to cyber incidents under an incident response plan are integrated into regular personnel and vendor training.
- Incident Response: Finally, the OCIE noted that firms generally acknowledge the increased risks related to cybersecurity attacks and potential future breaches. Examiners may assess whether firms have established policies, assigned roles, assessed system vulnerabilities and developed plans to address possible future events. This includes determining which firm data, assets and services warrant the most protection to help prevent attacks from causing significant harm.
Recent D&O Insurance Coverage Decisions
Professional Services Exclusion
Darryn Begun v. Scottsdale Ins. Co., Case No. 13-16211 in
the U.S. Court of Appeals, Ninth Circuit (August 18, 2015). The
court (applying California law) upheld the Professional Services
Exclusion in a management liability insurance policy. The Ninth
Circuit affirmed the district court's ruling, finding that the
Professional Services Exclusion barred coverage, and held that the
"district court properly found Scottsdale [the insurer] had no
duty to defend ... because the underlying action centered on
Appellants' personal failure, of their failure as the alter
egos of Clickbooks, to render payroll services which qualify as
professional services under California law."
Michael I. Goldberg v. National Union, Case No. 13-21653
in the U.S. District Court for the Southern District of Florida
(May 18, 2015). The court (applying Florida law) upheld a
Professional Services Exclusion in a D&O policy. The policy did
not define the term "professional services." However, in
interpreting this phrase, Florida courts have considered several
factors, including whether the services involve specialized skill
or training. The court concluded that banking "is a learned
profession which requires specialized skill, training, and
knowledge, and which is regulated by the state and federal
governments." In addition, the court rejected the
insured's position that the application of the exclusion would
render coverage "illusory" under the policy.
Reimbursement of Unreasonable Fees by Cumis
Counsel
Hartford Casualty Ins. Co. v. J.R. Marketing, LLC, et al.,
Case No. S211645 in the Supreme Court of California (August 10,
2015). The California Supreme Court (applying California law) held
that an insurer may seek reimbursement for unreasonable legal fees
directly from independent Cumis counsel. The court
observed that "principles of restitution and unjust enrichment
dictate that [the law firm] should be directly responsible for
reimbursement to Hartford for counsel's excessive legal
bills." The court also rejected counsel's argument that
the insurer should only be permitted to seek reimbursement from the
insured. As the court observed, requiring the insureds to mount a
separate lawsuit against their counsel to recover funds the insured
is required to reimburse its insurer would give rise to a
"circuitous, complex, and expensive procedure [that] serves
neither fairness nor any other policy interest."
Capacity Exclusion
The Langdale Co. v. National Union, Case No. 14-12723 in
the U.S. Court of Appeals, Eleventh Circuit (June 22, 2015). The
Eleventh Circuit (applying Georgia law) held that the Capacity
Exclusion in the insured's D&O policy barred coverage for
claims asserted against the individual insureds in their dual
capacities as trustees and as directors and officers. The policy
barred coverage for any claim made against any insured
"alleging, arising out of, based upon or attributable to any
actual or alleged act or omission of an Individual Insured serving
in any capacity other than as Executive or Employee of [The
Langdale Company]." In upholding the exclusion, the Eleventh
Circuit noted that to the extent "that [the Individual
Insureds] were allegedly acting as directors and officers, that
misconduct was so inextricably intertwined with their alleged
misconduct as trustees that the duty to advance defense costs was
not triggered."
Fraud Exclusion
Rodney Watts v. Scottsdale Ins. Co., Index 653412/11 New
York Supreme Court, Appellate Division, First Department (June 23,
2015). A New York intermediate appellate court (applying New York
law) held that the insurer was relieved from defending the insured
under a D&O policy after he was sentenced in a criminal
proceeding. The court observed that in the context of "a
criminal prosecution, it is well settled that the imposition of the
sentence constitutes the final judgment against the accused."
The court further noted that the "finality of it is not
changed by the pendency of the appeal." On a separate note,
the court also held that the insurer was entitled to reimbursement
from the insured for defense costs in light of the
sentencing.
Insured v. Insured Exclusion
Robert D. Redmond v. ACE American Ins. Co., Case No.
14-3864 in the U.S. Court of Appeals, Third Circuit (June 5, 2015).
The Third Circuit (applying New York law) held that the Insured v.
Insured Exclusion in a D&O policy barred coverage for claims
initially brought by the insured entity as a debtor-in-possession
(DIP), even though the same claims were subsequently prosecuted by
a Chapter 11 bankruptcy trustee. The Third Circuit observed that
the trustee's substitution for the DIP "does not change
the fact that IEAM [the debtor] 'brought' [the suit]"
in the first instance. Thus, the plain language of the exclusion
applied.
Regulatory Exclusion
Certain Underwriters at Lloyd's London v. Huron Consulting
Group, Inc., Index 650339/11, New York Supreme Court,
Appellate Division, First Department (April 30, 2015). A New York
intermediate appellate court held that the Regulatory Exclusion in
a professional liability policy barred coverage for a qui
tam action that was brought by a private party plaintiff. The
exclusion applied to claims "brought by or on behalf of the
Federal Trade Commission, the Federal Communications Commission, or
any federal, state, local or foreign governmental entity, in such
entity's regulatory or official capacity." The court held
that the exclusion applied despite the fact that the qui
tam action was brought by a private party instead of by a
governmental entity operating in an official or regulatory
capacity, because "the United States is the real party in
interest in a qui tam action under the False Claims
Act."
Consent to Settle and No Action Clause
Piedmont Office Realty Trust, Inc. v. XL Specialty Ins.
Co., Supreme Court of Georgia (April 20, 2015). The Georgia
Supreme Court (applying Georgia law) held that an insured cannot
sue its insurer for bad faith when the insured failed to obtain the
insurer's prior consent to settle a claim. The insurance
policies contained a "consent to settle" provision and a
"no action" clause. The Georgia Supreme Court observed
that the plain language of the insurance policy at issue "does
not allow the insured to settle a claim without the insurer's
written consent." In addition, the court noted that the no
action clause stated that the insured could not sue the insurer
unless, as a condition precedent, the insured "complies with
all of the terms of the policy and the amount of the insured's
obligation to pay is determined by a judgment against the insured
after a trial or [written] agreement between the claimant, the
insured, and the insurer." The Georgia Supreme Court held that
in light of "these unambiguous policy provisions, we hold that
Piedmont is precluded from pursuing this action against XL [the
insurer] because XL did not consent to the settlement and Piedmont
failed to fulfill the contractually agreed upon condition
precedent."
No Coverage for Civil Theft
Twin City Fire Ins. Co. v. CR Technologies, Inc., Case No.
9:13-cv-80998 in the U.S. District Court, Southern District of
Florida (March 11, 2015). A Florida district court (applying
Florida law) held that a D&O policy did not afford coverage for
a final judgment entered against the insured for civil theft. The
D&O insurer denied coverage for the judgment on the following
grounds: (1) the policy definition of Loss does not include the
restoration of an ill-gotten gain; (2) civil theft is not insurable
as a matter of public policy; and (3) statutory treble damages
awarded for civil theft constitute a multiplied damages award,
which was expressly excluded from the definition of Loss. The court
agreed that the D&O policy did not afford coverage for each of
the reasons cited by the insurer.
Dishonesty Exclusion
J.P. Morgan Securities Inc., v. Vigilant Ins. Co., Index
600979/09 in the New York Supreme Court, Appellate Division, First
Department (January 15, 2015). A New York intermediate appellate
court held that an SEC Consent Order did not implicate the
Dishonesty Exclusion in a D&O policy. Pursuant to a settlement
agreement with Bear Stearns, the SEC issued an Order that included
numerous factual findings explaining how Bear Stearns operated its
late trading and market timing scheme. However, the SEC Order
expressly stated that the "findings herein are made pursuant
to [Bear Stearns's] Offer of Settlement and are not binding on
any other person in this or any other proceeding." The
exclusion only applied in the event of a final adverse adjudication
against the insured. The court held that the exclusion did not
apply because "[i]t can hardly be said that the SEC Order ...
put Bear [Stearns's] guilt 'beyond doubt,' when those
very same documents expressly provided that Bear Stearns did not
admit guilt, and reserved the right to profess its innocence in
unrelated proceedings."
SEC Claim First Made Prior to Inception of Policy
BioChemics, Inc. v. AXIS Reinsurance Co., Case No. 13-10691-RWZ in the U.S. District Court, District of Massachusetts (January 6, 2015). A Massachusetts district court held that an SEC investigation and subsequent enforcement action constituted a Claim first made prior to the inception of a D&O policy. The definition of a Claim in the policy included a "civil, arbitration, administrative or regulatory proceeding against any Insured commenced by ... the filing of a notice of charge, investigative order, or like document." The court concluded that the SEC subpoenas and subsequent enforcement action constituted a Claim first made prior to the policy: "The Formal Order [was] issued on May 5, 2011. The policy went into effect on November 13, 2011. The investigation and enforcement action, the Claim at issue, was thus 'first made' before the policy period and is, therefore, not covered under the policy."
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.